Main Nav

Hello

 

We’re currently considering whether to outsource our email service to either Google or Microsoft. I was hoping that those of your who are using Google Apps could help with the following questions.

 

SSO and Google Apps

If you’re using Shibboleth to authenticate access to Google Apps how do you deal with those who are not using the web interface to Google Apps, i.e. Outlook, IMAP, smart phone and tablet users? Is anyone using ECP? Is it reliable?

Is anyone using a commercial SAML IdP rather than Shibboleth? There seem to be a number of these listed on Google’s pages. Some of them e.g. ‘SSO Easy’ and Viwo claims to be able to work with non-browser access. Has anyone any experience of either of them?

 

Google Apps Directory Synchronisation

Google say that their tool can’t read the format of AD passwords but one solution is to convert them using a third party tool to a format that it can read and then sync them. This begs the question of why Google don’t buy the company that knows how to do it. However does anyone know of a tool for doing this?

 

I’m referring to the initial population of their Google account with the same password as their AD one. I know with GAPS you can later sync any changes that the user may make.

 

It seems to me that the biggest logistical problem we’d face if we moved to Google Apps is communicating to users their initial password. I know we could force all our users to change their AD password and use GAPS to sync the change but I’m nervous about making 40,000 people all change their password at the same time. How have other institutions handled this?

 

Thanks for your help

 

Nigel

 

 

Nigel Bruce
Service Manager – Servers & Storage
Information Systems Services
University of Leeds
LEEDS, LS2 9JT
Tel. 0113 343 5384

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

We used the migration as a ruse to get people to enroll in a new password management/reset system. To get access to Google Apps they needed to enroll in the password management system. The enrollment process required them to change their password which got replicated to all systems (including Google). Killed two birds with one stone.

           
Rand
 
Rand P. Hall
Director, Network Services                 askIT!
Merrimack College
978-837-3532

If I had an hour to save the world, I would spend 59 minutes defining the problem and one minute finding solutions. – Einstein


Thanks Rand. Sounds like a good idea. J

 

Nigel

 

From: The EDUCAUSE Google Apps Constituent Group Listserv [mailto:GOOGLEAPPS@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hall, Rand
Sent: 08 April 2013 13:23
To: GOOGLEAPPS@LISTSERV.EDUCAUSE.EDU
Subject: Re: [GOOGLEAPPS] Google, Shib and intial password setting.

 

We used the migration as a ruse to get people to enroll in a new password management/reset system. To get access to Google Apps they needed to enroll in the password management system. The enrollment process required them to change their password which got replicated to all systems (including Google). Killed two birds with one stone.


           

Rand

 

Rand P. Hall

Director, Network Services                 askIT!

Merrimack College

978-837-3532

 

If I had an hour to save the world, I would spend 59 minutes defining the problem and one minute finding solutions. – Einstein

 

Message from matt@weisberg.net


You might want to look at CloudAccess from NetIQ:


It handles the federation/SSO using SAML and it can act as a proxy for things that need passwords, like IMAP and POP, thereby eliminating the need (and concerns) of syncing your passwords into Google Apps.

Matt

--------
Matt Weisberg
Weisberg Consulting, Inc.
ofc. 248.685.1970
cell 248.705.1950
fax 248.769.5963

Close
Close


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.